|
277511
|
- |
|
goomeo
|
sopexa_pavillon_france
|
The Sopexa Pavillon France (aka com.goomeoevents.pavillonfrance) application 3.6.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof s…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7002
|
2024-11-21 11:16 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277512
|
- |
|
ijianren
|
jian_ren
|
The Jian Ren (aka cn.sh.scustom.janren) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7001
|
2024-11-21 11:16 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277513
|
- |
|
paulalexanderformayor
|
paul_alexander_campaign
|
The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7000
|
2024-11-21 11:16 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277514
|
- |
|
twiki
microsoft
|
twiki
windows
|
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte (%00) i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7237
|
2024-11-21 11:16 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277515
|
- |
|
debian
|
apt
advanced_package_tool
|
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
|
CWE-59
Link Following
|
CVE-2014-7206
|
2024-11-21 11:16 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277516
|
- |
|
kriesi
|
enfold
|
Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2014-7297
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277517
|
- |
|
linux
|
linux_kernel
|
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initial…
|
CWE-200
Information Exposure
|
CVE-2014-7284
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277518
|
- |
|
linux
redhat
|
linux_kernel
mrg_realtime
|
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a …
|
CWE-399
Resource Management Errors
|
CVE-2014-7283
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277519
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allow remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2014-7201
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277520
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7200
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
